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(57) Abstract 

1 In a method and a dc- 
' vice for partial encryption and 
progressive tnuismission of im- 
fint section of Ae un- 
STflletecompressed at reduced 
Zdiw without decryption and 
a secind section of dte image 
fiteisemwted-.Uswshavvng 
««ss to appropriate d<«yptt«. 
vevwoids can decrypt this sec- 

JXSon. tt^^^^ 
togpti«r with the decrypted s^ 

^section can then beview^ 

as a lull quality image- Tl^^*?: 
age space required for stonngttKs 

first and section «>g«f « 
sentially fte same as the stor 
foe space requbed for stonng 

*^'»S^ncryp.«lMq^2:;:d 
aee By using *e method and 

device as described herein stor- 
aee and bandwid* requirements 
?^^j;tially encrypted im^'s 
p5<juad. Furthemwre. object 
based composition and proceM- 
ing of encrypted objects are fa- 
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A METHOD AND A DEVICE FOR ENCRYPTION OP IMAGES 

TECHNICAL FIEIiD ^ • ^„ 

. „ ^»^;,^es to a method and a devxce for 

The present invention relates to a «eui* 

encrypting images. 

BACKGRODND OF THE INVENTION AND PRIOR ART 

Z^^n of digital data is a technical field which heco.es 
^:ftant When transndtting and storing secret information or 
^formation which only shall be available to a user paying f^r 
the inforn^tion. Thus, several methods for encrypting digital 
Tta are in freguent use. Such methods can also ^l^--^^- 
to digital image data. Examples of encryption methods are DES, 
triple DES and the public-key RSA method. 

Digital images can be stored on servers and distributed over a ^ 
Digital ">ag ^ digital image data. Images can also 

to all image data. 

offered for sale on the Internet. 
»..s Pl-^^srap^ ^lo„ cuBtc„.r= to ao»nload a 

The service provider wan . _,»istv for evaluation, 

version ot the i^g. wit.^ reduced '^''^ ,,„i,e aad 

Toumals that want to publish an image, pay to 
jrTh^ allowed to download a fuU ^Uty .mage. 

. „^ice provider wants to Binii^" borage space 
However, such a service previa alternatively 
and download bit rates. « i^age ^l^^^J^lo-^ are given 
want to distribute images on ^ ^. ^„ images at a 

away or sold for a low price. at full 

.educed ^ality, but they must V^^^J'^J^o use the storage 
in the case the image provider vraii 
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It is also essential that customers always can access images 
using user friendly, standardised software. Image providers are 
reluctant to design and support special image viewers and 
customers don't want a proliferation of viewing tools. 

presently, image providers have to store two versions of the 
in^ges stored. The full quality version is stored as an 
encrypted image file. This means that the image fxrst is 
col^essed and stored in a compressed file format such as 
or GIF. The compressed file is then encrypted usxng a suitable 
Lryption tool and an encrypted image file is stored The user 
rmxst first decrypt this file and then access the resulting 
compressed image file using an image viewing tool. Reduced 
quality images are produced by processing the full quality ^ 
Lges in an image editing program. They are stored as separate 
compressed image files- 

The problems with this solution are that at Last two *ifferent 
Trsfons Of the sa^ i-ge need to he -^^^^f^/^, 
versions »ast also he trans^tted o^ the 

4t, ^Vl^» case a customer first wanes to 
remote access in the case a resolution 
low resolution image before paying for the full 

version. 

^s results in a signiti-^ disadvantage if ^^^"^"-^ 

THIS ret>u fraction of the image 

version inage contains a ^-^^ ^^^^ ^„_els would 

iufom^tion. images ^^J^j"'^^^ , good .quality 

particular ^J^^^^ a detailed understanding of 

since ,oumal editor ^ ^ ^^^^^ 

the image content and accepts o y ,eauire 10-50% o£ the 

printing. The reduced quality i«Bge could requir 
storage space of the full quality i^ge- 

•„a still image coding standard JPEO 2000, 
furthermore, the emerging still 

v-v described in charilaos christopouj. 
trficir Model version .0. includes many new ^^^^ 

...ctionalities in ---i-^^^^^^^ ^^.s L creating a 
techniques. They include, m P^^^^^ ' ^application domain 

wide range of progressive image formats. 

SUBSTITUTE SHEET CRULE 25) 
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c«i select a suitable progression m>io. Individual objects 
within l»ages can be accessed separately in the «EO .000 
ritstreaa. Ld progressive transmission can be applied also c 
objects, in OPBG 2000 there Is also support for independently 
decodable coding xanits. 

ST3MMARY . 

It is an object of the present invention to overcome the 

problems as outlined above and in particular to -^^^^l 
Lount of memory required for storing an iiaage, whxch partxally 
shall be possible to view, and also to reduce transmxssxon toine 
in a transmission scheme transmitting partially encrypted 
images. 

This object and others are obtained by a technique for Partial 
rcrVPtion and progressive trans^ssion of in«ges 
sec^on of the i^ge file c«. be deco^ressed at reduced^ity 
without decryption, i.e. the first low ■^^^l^^l^^ 
encrypted, and where a second section of the ^ge f Ue .s 

encrypted. 

^. users -ng TT^l^X^^ - 

^,e. The -;-t;r- -^1, thl sr aHhe storage space 
re^ir^aTrttLrng^runencU^ full <^all- ^e. Xhe 

Of the second section may, depending on the 
encryption of the secon , 3^,^ of the second 

encryption method, imply a sxiguT- v 
rectTon con^ared to the unencrypted second section. 

„^ also be partitioned into multiple sections where 
The image can also be P individual encryption 

each section may be encrypted with ^encrypted, 
method and -V-rd. so„e sections .a^^^^^^^^^ ^ ^^^^^ 
^ l^rtant element Of the » ^^^^^^ ^ 

herein is that the compr 

independently decodable coding ^^'^^^ ' . ^ „^,essed 
possible to perfor,. encryption ^ 
domain Without performing entropy decoding. 
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A reduced quality image can be produced according to several 
different main schemes, sucH as: 
1} Reduced resolution 

2) Reduced accuracy of the transform coefficients 

3) Exclusion of predefined regions of interest (ROD 

Ttese methods can be combined so that a reduced .juality image is 
Tl produced hy reducing both the resolution and the accuracy 
of the transform coefficients- 

By using the method and device for storing and transmitting 
iLge data as described herein, several advantages are obtaxned. 
Thus, there is no need to store two different versions of an 
1^,; if different users are to have access to different <r-lxty 
Tthe one and same image. Also, transmission times ^ 
Ler if the information content of the first, low ""I"'-""' 
iTgl dlta can be reused when transmitting the higher resolut.cn 

image data. 

r^renTir UonTi" described in more detail and 
I^Teference to the accompanying drawings, .n wbxch: 

4= ♦->,o file structure of an image. 
. Pig. X is a general v.ew of ^J^^ ^^^^^^^^ ,,,,,,i.g to 

- Figs. 2a and 2b shows encryption of images coa 

the JPEG 2000 standard- ^ carried out 

- Fig. 3 is a flow chart illustrating some steps cam 

when encrypting an image. ,n.^„t server process. 

Pig 4 is a diagram illustrating a client server p 

- Pig. 5 is a view of an encryption header 

DETAILED DESCRIPTION ^^^^^^^^ ^ ^,,^^^1. 

in Fig. 1. a general view of 

consists of a number of ^-"^^^^^ ^.^^.^.e shown in Fig. 
sections XOl. 103 ^''^J^^^^^^ version of a high 

" - ;::::;:,:;:t encryption and will therefore 

resolution image, is coaeui 

be possible to decode by any receiver. 
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. , • ,qai-a which combined with the 

The section 103, which con^^rises data, whacn co 
Tne B«w ^«„,it in a mediiom resolution version of 

^ .nd only receivers having access to the correct 
^Uon .ey wilX be ahXe to decode the data stored ^ the 
section 103, 

The section 105. which c=n^,rises data, v*i=h co.*.ined with the 
Tta Of section XOl and i03 results in a full resolution version 
Of the high resolution inage, is encrypted using a second 
encryption method, and only receivers having access to the 
el^l^tion Key will be able to decode the data stored ^ the 
section 105- 

Thus decoding of the section 101 will result in a low 

^ iution iige version lOV. Decryption ^"^^^^^l^,;^ 

section 103 will, confined wi^ ^J^Jl^^'l'^^Z 113 and 

r^ofiht re^tronTsTii: ^J^-^^ - - 

:r::'e s^ctron:Tol and 103 result in a full resolution i^ge 



115. 



P^ther^re, i^le.entation in ---".rrrtfrcro: 

'^t: rstrer :: - - 

MoHel Version 2.0, aes^^i-j-^^^^" a wide 

^0 hitstrea. can he inserted in the hitstrea. so that 
range of progressive a»des can be supported. 

^-19 0 a coding unit is a part of 

- i^rro::stt=-- ''-p^-^ - ^ 

the bitstream that enooaes " described as any 

3^b3nd. in general, a ^^^^^^^^^^Lfrr^.^on. The general 
independently decodable '^-^^J^^^^^^^:,,, ,o include so 
^o^s. for -P^^^^^J^'t^t nirtToding unit (it is 

:rcir trs-frrsiand^^^^^^^^^^^^^^^ 

-Is -irrod": - ^rthrs'savrng the hits that 
axe needed for inserting explicit tags. 
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in Figs. 2a and 2b block diagrams describing how encryption can 
be implemented in the JPEG 2000 encoder and decoder 
respectively, are shown. 

«xus. in Fig 2a a bloc3c diagram where encryption is P«-^°-^^ 
afte; entropy coding in the encoder is shown. Coding v^xts enter 
1 entropy coding bloc3c 201. In the block 201 codxng the codxng 
units are entropy coded using some suitable entropy code. The 
output from the block 201 is fed to a selector which selects a 
suitable encryption method for each entropy coded codxng unxt. 
some coding units can be selected to not be encrypted at all. 

in response to the selection made in the selector 203 the 
entropy coded coding units are encrypted in a block 205. The 
encrypted coding units together with the not encrypted codxng 
units then form a combined output data stream, which can be 
stored or transmitted. 

I„ Fig. 21> a decoder lor decoding the bit etrean 3-™^ ^ 

encoder in Pig. " i» "'TctL^SX 
Tcrypted coding units enter the decoder via a -l-";/"' 
rhireelecta a suitable decrvption .et.od ^f/^^ 
coded coding unit, or if the "^^^^^.^Z 
encrypted it is directly transiltted to a bloCc 25S. 

v„ hhe selection made in the selector 255 the 
xn -=^7^;;;^^^^,,, decrypted in a hlocK 253 using a 
entropy coded coding me decrypted coding units are 

suitable ^-^'trc^fss ""trbfoc^SS the coding units 
then fed to the block 255. 1° decryption 
from fed directly from the selector «1 and _^ 

hlocK 253 are entropy ^"^'^^ ^^^^J; which is fed 
output data stream corresponding to the data 
„ the entropy coding block 201 in Fig. 2a. 

^ch coding - —rilUrTntt; rn^^^riooK. 

Figs. 2a and 2b is •^f//^^^.^^^ separately with any user 
Hach coding unit can .he same image 

rrenrr^Ter- ::::.:e:t encryption methods, .he 

SUBSTITUTE SHEET (RULE 26) 
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encryption method u.ed can further b. an "=-VP^i°° 
^ed with a keyword or a method for generating >ceywords . 

Afferent encryption methods can in such an 

iaentical algorithms but different ^^^^^ -"^"^^^^^^^^ta 
n*.«cT-it)tion (EMD) as shown in Figs. 2a and 2b xs any 
::rar3::sLn keywords or algorithm identifiers 
Z specify the Encryption Method. Wnit Encryption ^"te (DBS) is 
a s^l that for each coding unit defines how it iS encrypted. 

in Fig 3, a flow chart illustrating different steps carried out 

Ltypting an image are shown. First, in a step 301. an 
iTge™ paLially Lrypted is received. The image received 
Tstep 301 Ls then coded using a coding algorithm generates 
^I^dently decodable coding units, e.g. ^.C 2O00, in a step 



303 



• , .tec 305 some of the coding units of the image coded 
Next, xn a step ^OS'Som ^^^^^ encryption method, 

in step 303 are encrypted usxng s encrypted 
such as DES. The coding unxts that ^« ^^^^ 

^ =o^ in accordance with user preferences. Thus, a u 
can be set xn accorcuiiiw. „ pnxs hiqher order 

Chose to have coding units ^"J^^ -^^^ , ^.s 
.it-plane.^ etc^ncry^ted-^-^ly^^ are merged into a 

and the codxng unxts wnxca a* 

single bit stream. 

xn Fig. . a "^-:^:irco:drro"-r^ 

„^ transmitting an ^^^e ^^^^ ^ZlJ^- Thus, a client 
aescrihed in -^^/^^-^J^ Vo^'xhe client 401 can then issue 
r^ret^nrts t- erver .03 for a particular image, step 



405. 



403 replies by transmitting the coding units of the 
The server 403 replxes oy encrypted 
i.age which are not encrypte^^^ step^^^^^^ ^^^^ 
coding units can be decoded oy ^^^^ f^H image, 

access to a low resolution °^ f^^/^.^^ ^ave access to 

Based on this information ^J^^^^^jZ i.age..X. so the 
the image in a higher resolutxon 

SUBSrmJTE SHEET (RULE 26) 
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client transmits a request to the server requesting such 
information, step 409- 

The server replies by sending a request to the client requesting 
the client to agree to the conditions for transmitting the 
higher resolution version of the image, step 411. If the client 
agrees via a message 413, e.g. comprising a card number or 
account number from which to bill the cost for the image, the 
server sends the encrypted coding units together with a key word 
by means of which the encrypted coding units can be decrypted, 
step 415. A secure method for key distribution should be used. 
Eacaii?»les of such secure methods are described in W. S tailings 
"Data and computer Communications", p 635 -637, Prentice-Hall 
1997 fifth edition ISBN 0-13-571274-2. 

If the client already has access to the unencrypted and 
encrypted coding units, for example if he has purchased a CD-ROM 
with images coded as described herein. The scheme as described 
in conjunction can be modified so that no image data xs 
transmitted. Instead the client only agrees to conditions set by 
the server in order to have access to the key word(s) whxch are 
required to decrypt the encrypted coding units of the CD-ROM. 

in the case when the method and device as described herein is 
^sed When encoding image according to the ^BO ^0?^ ^^^^^'J^ 
is advantageous if the JPEG 2000 standard does not ^^^^^^^^^l 
eL^^tion methods. ^ Encryption Header that is included xn the 
Ta^header or optionally an Encryption Tag that xs -J^^ 
the^PEG 2000 Tags can instead be used to specify how coding 
xonits are decrypted. 

:^^HG .000 inage header and eucryptlon infcnnatxon can 
optionally be nerged into JPEG 2000 Tags. 

xn Fi9. S an enc^tion neader is shown, «>e Encrvption Header 
L in .uch an «nhodiment contain the .ollow.n, symbols. 

SUBSmUTE SHEET (RULE 28) 
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1) Encryption Mode (EM) . A set of standard encryption modes are 
defined e.g. 

a) one encryption, method is used for all coding units 

b) Bitplanes of less significance than, bitplane X are encrypted 

c) Subbands of higher resolution than Y are encrypted 

d) ROIs specified in are encrypted, etc. 

NO encryption information need to included in the Tags if an EM 
is defined. 

2) Encryption Mode Parameters (BMP). Parameters (X, Y. ...) that 
are used to define the Encryption Mode are set here. 

3) Number of encryption methods used. Several encryption methods 
can be used within the same image if e.g. different user groups 
should be allowed to see different image content. 

4) one Encryption Method Descriptor (EMD) for each encryption 
niethod. The EMD defines any data that is needed by 
encryption/decryption module. The type of encryption algorxth. 
is Tfined. A typical use of EMD will be to include a Keyword 
tLt is encrypted by a public Key algorit^. .^e u.er suppl.es a 

rrcl^u^Its. The^order of the KMDs -™ ^ 
each encryption method. This number xs used xn OES symbo 

encrypii^e , svmbol per coding unit. These 

Onit ^ the encryption header or 

syxr^ols could -^^^ ^^^^^^^^^^ ,,,,,,eam as encryption 

alternatively be distributed in t encryption header we 

h«fl<, If the UES information is kept m the encrypc 

tags, ir tne o^-t-e (ES) . ES consists of 

define a header element - Encryption State (ES) 

a series of UES symbols that are listed m the same 

coding units appears in the bit stream. 

IP EF is set and the Encryption State is not given in the 

SUBSTITUTE SHEET (RULE 26) 



PCT/SE99/02106 

WO 00/31964 

header JBEG 2000 Tags can be e:cpanded to contain 
^:^;ion State (t=ES). sv^bols. =ES defines whic^ ^^^^T 
if any. tbat is used for encrypting ti« next coding 



unit I 



codinq xiixits belonging to the ROI ror 
by selecting appropriate coaxng uixx 

encryption . 

The .am proble. is that the shape of the ROI Mght ^^J^^fJ^ 
content. If the shapes are encrypted it is, /^^^^^^^^ 
to show a reduced quality image since it xs difficult to 
interpret the coded transform coefficients. 

defininq a so called cloaking 
Ttnir ZTZ^ ^. on. or .ev^al a„ 

rite tx^ - osTi; the 0-s.ape. The cs^p. is designed to 
:rx:::al sensitive i»age content. . si^L «a^^« =^ ' - 
Shape is a boxmding box. 

. oftT in the JPEG 2000 bit 

stream. The c-sbape xs "^^^ verification Model 

Cbarilaos ^-^^''P""^"^'^,!' JcSique as described therein 
mi.°«Xrthl: r Ue fs defined in the .K. .000 



header. 



r-shaoe and the transform 
.as. is created — ^ '"^J ^ end encrypted 

coefficients belongxng to the c s ^ ^^^^^^ ^^^^ 

using the method as descried here^ 

.11 coefficients belonging to of ^^^^ ^^^^ 

by the c-shape are encrypted. The tex 
protected by encryption. 

- Of - — — rter:^^^^^ - 

encryption ,,e corresponding c-shape. 

TVZT^ Z = the unencrypted background, .he c- 
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can ^ displayed as . bl«* regio,. The 
be decoded if the keyword is This i. done by "^-■^""^ 

tie coefficients belonging to the o-shape. The shape of each ROI 
Slonging to the c-shape is also decrypted. ^^^^^^^J 
now be rearranged so that the =-=hape is dropped and the 
original ROI data stxnct>.res are restored. Hote that this is 
done in the co>5)ressed doinain. 

The masic that is used for encoding a ROI is not -^^^^^'^^ 
in JPEG 2000. A maslc that is sufficiently large so "-t the ROI 
Ts "coded lossless will often cover the whole lower subbands A 
that is not allowed to e:,pand will lead to a lossy enco^g 
of the ROI. The «asks belonging to different ROIs or to a ROI 
end the bacl^ground can be designed to overlap. This means that 
some coefficients are encoded in «re than one f'^f 
o^rlao will lead to a reduced overall corj-ression but the ROM 
overlap wiii xe accessed and decoded 

are more independent so that any ROI can be acc 

with a good visual result. 

— far ROIs described herein is not 

r rnfofThTc^ne o -K asToIg as the n,as. is selected 
dependent of the cboi reconstructed from the 

so that the ''^<^^ °l; Tr b^ound. . method for building a 
content of any other ROI or b ^ aescribed in charilacs 

T..zr\:tr^^ot z:^..^.^. version 

.y using the method ^ :^^:^^:^Z^T ^ 
bandwidth "'"^'-'"^^^fJ^'^f/I^Iftion and processing of 
reduced. Furthermore, ^^^^^^^ /^.^ encrvPted. 

.ncrvpted "^^^f^^^^^rc^ Te^crypted and the original 
ra;ttanr:e::y:t:d and restored in the co^ressed domarn, 

• . n,»t encryption does not need to be 
Mother advantage rs that encryp ^.^^^ 

perfor^d at the same time - — /^^^^^L. Cat the 

.be P-ess ta^s place .n the «mp ^^^^^ ^^^^ ^^^^^^ 

bitstream syntax) xt is p ^^^^ before 

encryption. ^/^y ^Ta^ser' .transcoder, . Xn this case, 

transmitting the xmage oy v 
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. -^^r-eases the bitrate. which will be the case 
..e enc^txcn ^creases h ^^^^ ^ ^^^^^^^ 

^rel^rthe^^^^ — tlon is onlv a..e. be.o.e 
transmitting it. 
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Ca^AIMS 

X. A method of partially encrypting image data coi^ising the 

!l!lilg the image data using an encoding algorithm generating 

independently decodable coding units, 

- encrypting at least one of the coding unxts, and 

. r^g elding units which are not encrypted with codxng unxts 

which are encrypted into a combined bitstream. 

2. A method according to claim 1, characterised in that the not 
encrypted coding units correspond to a low resolution version of 
the image data. 

3 » „.thod accordlxg to any o£ eXalM 1-2, eh.r.ot«l>ed in 

l^f^i^ coding units are encrypted using different =od^ 

methods • 

4 A method according to any of claims 1-3, ^^^^^^^J^ 
t;at an encryption flag, which indicates if a codxng unxt xs 
encrypted, is inserted in the bit stream. 

5. A method according to any of cl.ims 1 - wh^ information 
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selecting the not encrypted coding units as J^x 
to a low resolution version of the .mage data. 
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